Release 1.2.2

deprecated bug fix and support undeprecate

.travis.yml

@@ -1,3 +1,5 @@
 language: node_js
 node_js:
   - '0.11'
+script: "make test-travis"
+after_script: "npm install coveralls@2 && cat ./coverage/lcov.info | coveralls"

History.md

@@ -1,4 +1,80 @@
 
+1.2.2 / 2014-08-08
+==================
+
+  * bump koa
+
+1.2.1 / 2014-08-07
+==================
+
+ * deprecated bug fix and support undeprecate
+
+1.2.0 / 2014-08-07
+==================
+
+ * show deprecated message
+ * Sync deprecated field if it missing
+ * Support $ cnpm deprecate [pkgname]@[version] "message". fixed #415
+
+1.1.0 / 2014-08-07
+==================
+
+ * Add user to maintainers when publish. fixed #395
+ * List all npm registry api. close #413
+ * limit list since
+ * change deps by "~"
+ * use cfork to make sure worker fork and restart
+ * handle master uncaughtException. fixed #403
+
+1.0.6 / 2014-08-02
+==================
+
+ * WTF moment@2.8.0 missing
+
+1.0.5 / 2014-08-02
+==================
+
+ * unpublish pkg@version bug hotfix. fixed #400
+
+1.0.4 / 2014-08-01
+==================
+
+ * hotfix #399 use not exists
+
+1.0.3 / 2014-08-01
+==================
+
+ * add maintaining packages in user page
+
+1.0.2 / 2014-08-01
+==================
+
+  * ~_~ fix auth error response message
+
+1.0.1 / 2014-08-01
+==================
+
+  * Merge pull request #398 from cnpm/fix-auth
+  * hot fix auth error
+
+1.0.0 / 2014-08-01
+==================
+
+ * add private package list
+
+0.9.2 / 2014-07-30
+==================
+
+ * hotfix save custom user bug
+
+0.9.1 / 2014-07-30
+==================
+
+ * Handle user service auth throw custom error message
+ * add test for config private packages
+ * add config.privatePackages
+ * add more comments in config/index.js
+
 0.9.0 / 2014-07-29
 ==================
 

Makefile

@@ -44,11 +44,26 @@ test-cov cov: install pretest
 		$(TESTS)
 	@./node_modules/.bin/cov coverage
 
+test-travis: install pretest
+	@NODE_ENV=test node --harmony \
+		node_modules/.bin/istanbul cover --preserve-comments \
+		./node_modules/.bin/_mocha \
+		--report lcovonly \
+		-- \
+		--reporter dot \
+		--timeout $(TIMEOUT) \
+		--require should \
+		--require should-http \
+		--require co-mocha \
+		--require ./test/init.js \
+		$(MOCHA_OPTS) \
+		$(TESTS)
+
 contributors: install
 	@./node_modules/.bin/contributors -f plain -o AUTHORS
 
 autod: install
-	@./node_modules/.bin/autod -w -e public,view,docs,backup,coverage -k nodemailer
+	@./node_modules/.bin/autod -w -e public,view,docs,backup,coverage -k nodemailer --prefix "~"
 	@$(MAKE) install
 
 .PHONY: test

README.md

@@ -1,9 +1,22 @@
 cnpmjs.org
 =======
 
-[![Build Status](https://secure.travis-ci.org/cnpm/cnpmjs.org.svg)](http://travis-ci.org/cnpm/cnpmjs.org) [![Dependency Status](https://gemnasium.com/cnpm/cnpmjs.org.svg)](https://gemnasium.com/cnpm/cnpmjs.org)
+[![NPM version][npm-image]][npm-url]
+[![build status][travis-image]][travis-url]
+[![Test coverage][coveralls-image]][coveralls-url]
+[![Gittip][gittip-image]][gittip-url]
+[![David deps][david-image]][david-url]
 
-[![NPM](https://nodei.co/npm/cnpmjs.org.svg?downloads=true&stars=true)](https://nodei.co/npm/cnpmjs.org/)
+[npm-image]: https://img.shields.io/npm/v/cnpmjs.org.svg?style=flat
+[npm-url]: https://npmjs.org/package/cnpmjs.org
+[travis-image]: https://img.shields.io/travis/cnpm/cnpmjs.org.svg?style=flat
+[travis-url]: https://travis-ci.org/cnpm/cnpmjs.org
+[coveralls-image]: https://img.shields.io/coveralls/cnpm/cnpmjs.org.svg?style=flat
+[coveralls-url]: https://coveralls.io/r/cnpm/cnpmjs.org?branch=master
+[gittip-image]: https://img.shields.io/gittip/fengmk2.svg?style=flat
+[gittip-url]: https://www.gittip.com/fengmk2/
+[david-image]: https://img.shields.io/david/cnpm/cnpmjs.org.svg?style=flat
+[david-url]: https://david-dm.org/cnpm/cnpmjs.org
 
 ![logo](https://raw.github.com/cnpm/cnpmjs.org/master/logo.png)
 

config/index.js

@@ -27,16 +27,88 @@ var version = require('../package.json').version;
 var root = path.dirname(__dirname);
 
 var config = {
+
   version: version,
+
+  /**
+   * Cluster mode
+   */
+  enableCluster: false,
+  numCPUs: os.cpus().length,
+
+  /*
+   * server configure
+   */
   registryPort: 7001,
   webPort: 7002,
   bindingHost: '127.0.0.1', // only binding on 127.0.0.1 for local access
-  enableCluster: false,
-  numCPUs: os.cpus().length,
-  debug: true, // if debug
+
+  // debug mode
+  // if in debug mode, some middleware like limit wont load
+  // logger module will print to stdout
+  debug: true,
+  // session secret
+  sessionSecret: 'cnpmjs.org test session secret',
+  // max request json body size
+  jsonLimit: '10mb',
+  // log dir name
   logdir: path.join(root, '.tmp', 'logs'),
+  // update file template dir
+  uploadDir: path.join(root, '.dist'),
+  // web page viewCache
   viewCache: false,
-  // mysql config
+
+  // config for koa-limit middleware
+  // for limit download rates
+  limit: {
+    enable: false,
+    token: 'koa-limit:download',
+    limit: 1000,
+    interval: 1000 * 60 * 60 * 24,
+    whiteList: [],
+    blackList: [],
+    message: 'request frequency limited, any question, please contact fengmk2@gmail.com',
+  },
+
+  enableCompress: false, // enable gzip response or not
+
+  // default system admins
+  admins: {
+    // name: email
+    fengmk2: 'fengmk2@gmail.com',
+    admin: 'admin@cnpmjs.org',
+    dead_horse: 'dead_horse@qq.com',
+    cnpmjstest10: 'cnpmjstest10@cnpmjs.org',
+  },
+
+  // email notification for errors
+  mail: {
+    appname: 'cnpmjs.org',
+    sender: 'cnpmjs.org mail sender <adderss@gmail.com>',
+    host: 'smtp.gmail.com',
+    port: 465,
+    user: 'address@gmail.com',
+    pass: 'your password',
+    ssl: true,
+    debug: false
+  },
+
+
+  logoURL: '//ww4.sinaimg.cn/large/69c1d4acgw1ebfly5kjlij208202oglr.jpg', // cnpm logo image url
+  customReadmeFile: '', // you can use your custom readme file instead the cnpm one
+  customFooter: '', // you can add copyright and site total script html here
+  npmClientName: 'cnpm', // use `${name} install package`
+  packagePageContributorSearch: true, // package page contributor link to search, default is true
+
+  // max handle number of package.json `dependencies` property
+  maxDependencies: 200,
+  // backup filepath prefix
+  backupFilePrefix: '/cnpm/backup/',
+
+  /**
+   * mysql config
+   */
+
   mysqlServers: [
     {
       host: '127.0.0.1',
@@ -49,73 +121,32 @@ var config = {
   mysqlMaxConnections: 4,
   mysqlQueryTimeout: 5000,
 
-  sessionSecret: 'cnpmjs.org test session secret',
-  redis: {
-    // host: 'pub-redis-19533.us-east-1-4.3.ec2.garantiadata.com',
-    // port: 19533,
-    // pass: 'cnpmjs_dev'
-  },
-  jsonLimit: '10mb', // max request json body size
-  uploadDir: path.join(root, '.dist'),
+
+  // redis config
+  // use for koa-limit module as storage
+  redis: null,
+
+  // package tarball store in qn by default
   // qiniu cdn: http://www.qiniu.com/, it free for dev.
   qn: {
-    // accessKey: "iN7NgwM31j4-BZacMjPrOQBs34UG1maYCAQmhdCV",
-    // secretKey: "6QTOr2Jg1gcZEWDQXKOGZh5PziC2MCV5KsntT70j",
-    // bucket: "qtestbucket",
-    // domain: "http://qtestbucket.qiniudn.com",
     accessKey: "5UyUq-l6jsWqZMU6tuQ85Msehrs3Dr58G-mCZ9rE",
     secretKey: "YaRsPKiYm4nGUt8mdz2QxeV5Q_yaUzVxagRuWTfM",
     bucket: "qiniu-sdk-test",
     domain: "http://qiniu-sdk-test.qiniudn.com",
   },
 
-  mail: {
-    appname: 'cnpmjs.org',
-    sender: 'cnpmjs.org mail sender <adderss@gmail.com>',
-    host: 'smtp.gmail.com',
-    port: 465,
-    user: 'address@gmail.com',
-    pass: 'your password',
-    ssl: true,
-    debug: false
-  },
-
-  noticeSyncDistError: true,
-  disturl: 'http://nodejs.org/dist',
-  syncDist: false,
-  logoURL: '//ww4.sinaimg.cn/large/69c1d4acgw1ebfly5kjlij208202oglr.jpg',
+  // registry url name
   registryHost: 'r.cnpmjs.org',
-  // customReadmeFile: __dirname + '/web_readme.md',
-  customReadmeFile: '', // you can use your custom readme file instead the cnpm one
-  customFooter: '', // you can add copyright and site total script html here
-  npmClientName: 'cnpm', // use `${name} install package`
-  packagePageContributorSearch: true, // package page contributor link to search, default is true
-  sourceNpmRegistry: 'http://registry.npmjs.org',
-  enablePrivate: true, // enable private mode, only admin can publish, other use just can sync package from source npm
-  admins: {
-    // name: email
-    fengmk2: 'fengmk2@gmail.com',
-    admin: 'admin@cnpmjs.org',
-    dead_horse: 'dead_horse@qq.com',
-    cnpmjstest10: 'cnpmjstest10@cnpmjs.org',
-  },
-  syncByInstall: true,
-  backupFilePrefix: '/cnpm/backup/', // backup filepath prefix
-  syncModel: 'none', // 'none', 'all', 'exist'
-  syncConcurrency: 1,
-  syncInterval: '10m', // sync interval, default is 10 minutes
-  maxDependencies: 200, // max handle number of package.json `dependencies` property
 
-  limit: {
-    enable: false,
-    token: 'koa-limit:download',
-    limit: 1000,
-    interval: 1000 * 60 * 60 * 24,
-    whiteList: [],
-    blackList: [],
-    message: 'request frequency limited, any question, please contact fengmk2@gmail.com',
-  },
-  enableCompress: false, // enable gzip response or not
+
+  /**
+   * registry mode config
+   */
+
+  // enable private mode, only admin can publish, other use just can sync package from source npm
+  enablePrivate: true,
+
+  // registry scopes, if don't set, means do not support scopes
   scopes: [
     '@cnpm',
     '@cnpmtest'
@@ -125,8 +156,40 @@ var config = {
   // forward compatbility for update from lower version cnpmjs.org
   adaptScope: true,
 
-  // force publish with scope
+  // force user publish with scope
+  // but admins still can publish without scope
   forcePublishWithScope: true,
+
+  // some registry already have some private packages in global scope
+  // but we want to treat them as scoped private packages,
+  // so you can use this white list.
+  privatePackages: ['private-package'],
+
+  /**
+   * sync configs
+   */
+
+  // sync dist config
+  // sync node.js dist from nodejs.org
+  noticeSyncDistError: true,
+  disturl: 'http://nodejs.org/dist',
+  syncDist: false,
+
+  // sync source
+  sourceNpmRegistry: 'http://registry.npmjs.org',
+
+  // if install return 404, try to sync from source registry
+  syncByInstall: true,
+
+  // sync mode select
+  // none: do not sync any module
+  // exist: only sync exist modules
+  // all: sync all modules
+  syncModel: 'none', // 'none', 'all', 'exist'
+
+  syncConcurrency: 1,
+  // sync interval, default is 10 minutes
+  syncInterval: '10m',
 };
 
 // load config/config.js, everything in config.js will cover the same key in index.js

controllers/registry/deprecate.js

@@ -0,0 +1,60 @@
+/**!
+ * cnpmjs.org - controllers/registry/deprecate.js
+ *
+ * Copyright(c) fengmk2 and other contributors.
+ * MIT Licensed
+ *
+ * Authors:
+ *   fengmk2 <fengmk2@gmail.com> (http://fengmk2.github.com)
+ */
+
+'use strict';
+
+/**
+ * Module dependencies.
+ */
+
+var Module = require('../../proxy/module');
+
+module.exports = deprecateVersions;
+
+/**
+ * @see https://github.com/cnpm/cnpmjs.org/issues/415
+ */
+function* deprecateVersions(next) {
+  var body = this.request.body;
+  var name = this.params.name || this.params[0];
+
+  var tasks = [];
+  for (var version in body.versions) {
+    tasks.push(Module.get(name, version));
+  }
+  var rs = yield tasks;
+
+  var updateTasks = [];
+  for (var i = 0; i < rs.length; i++) {
+    var row = rs[i];
+    if (!row) {
+      // some version not exists
+      this.status = 400;
+      this.body = {
+        error: 'version_error',
+        reason: 'Some versions: ' + JSON.stringify(Object.keys(body.versions)) + ' not found'
+      };
+      return;
+    }
+    var data = body.versions[row.package.version];
+    if (typeof data.deprecated === 'string') {
+      row.package.deprecated = data.deprecated;
+      updateTasks.push(Module.updatePackage(row.id, row.package));
+    }
+  }
+  yield updateTasks;
+  // update last modified
+  yield* Module.updateLastModified(name);
+
+  this.status = 201;
+  this.body = {
+    ok: true
+  };
+}

controllers/registry/module.js

@@ -41,6 +41,7 @@ var ModuleUnpublished = require('../../proxy/module_unpublished');
 var packageService = require('../../services/package');
 var UserService = require('../../services/user');
 var downloadAsReadStream = require('../utils').downloadAsReadStream;
+var deprecateVersions = require('./deprecate');
 
 /**
  * show all version of a module
@@ -143,13 +144,12 @@ exports.show = function* (next) {
       };
       return;
     }
-    var result = yield SyncModuleWorker.sync(name, 'sync-by-install');
+    var result = yield* SyncModuleWorker.sync(name, 'sync-by-install');
     this.body = result.pkg;
     this.status = result.ok ? 200 : (result.statusCode || 500);
     return;
   }
 
-  var nextMod = null;
   var latestMod = null;
   var readme = null;
   // set tags
@@ -166,22 +166,19 @@ exports.show = function* (next) {
   var createdTime = null;
   for (var i = 0; i < rows.length; i++) {
     var row = rows[i];
-    if (row.version === 'next') {
-      nextMod = row;
-      continue;
-    }
     var pkg = row.package;
     common.setDownloadURL(pkg, this);
     pkg._cnpm_publish_time = row.publish_time;
     versions[pkg.version] = pkg;
+
     var t = times[pkg.version] = row.publish_time ? new Date(row.publish_time) : row.gmt_modified;
-    if ((!distTags.latest && !latestMod) || distTags.latest === row.version) {
+    if ((!distTags.latest && !latestMod) || distTags.latest === pkg.version) {
       latestMod = row;
       readme = pkg.readme;
     }
+
     delete pkg.readme;
     if (maintainers.length > 0) {
-      // TODO: need to use newer maintainers
       pkg.maintainers = maintainers;
     }
 
@@ -208,21 +205,13 @@ exports.show = function* (next) {
   }
 
   if (!latestMod) {
-    latestMod = nextMod || rows[0];
-  }
-
-  if (!nextMod) {
-    nextMod = latestMod;
-  }
-
-  var rev = '';
-  if (nextMod) {
-    rev = String(nextMod.id);
+    latestMod = rows[0];
   }
 
+  var rev = String(latestMod.id);
   var pkg = latestMod.package;
 
-  if (tags.length === 0 && pkg.version !== 'next') {
+  if (tags.length === 0) {
     // some sync error reason, will cause tags missing
     // set latest tag at least
     distTags.latest = pkg.version;
@@ -438,26 +427,58 @@ exports.addPackageAndDist = function *(next) {
   //    { content_type: 'application/octet-stream',
   //      data: 'H4sIAAAAA
   //      length: 9883
-
   var pkg = this.request.body;
   var username = this.user.name;
   var name = this.params.name || this.params[0];
   var filename = Object.keys(pkg._attachments || {})[0];
   var version = Object.keys(pkg.versions || {})[0];
-  if (!version || !filename) {
+  if (!version) {
     this.status = 400;
     this.body = {
       error: 'version_error',
-      reason: 'filename or version not found, filename: ' + filename + ', version: ' + version
+      reason: 'version ' + version + ' not found'
+    };
+    return;
+  }
+
+  // check maintainers
+  var isMaintainer = yield* packageService.isMaintainer(name, username);
+  if (!isMaintainer) {
+    this.status = 403;
+    this.body = {
+      error: 'forbidden user',
+      reason: username + ' not authorized to modify ' + name
+    };
+    return;
+  }
+
+  if (!filename) {
+    var hasDeprecated = false;
+    for (var v in pkg.versions) {
+      var row = pkg.versions[v];
+      if (typeof row.deprecated === 'string') {
+        hasDeprecated = true;
+        break;
+      }
+    }
+    if (hasDeprecated) {
+      return yield* deprecateVersions.call(this, next);
+    }
+
+    this.status = 400;
+    this.body = {
+      error: 'filename_error',
+      reason: 'filename ' + filename + ' not found'
     };
     return;
   }
 
   var attachment = pkg._attachments[filename];
   var versionPackage = pkg.versions[version];
+  var maintainers = versionPackage.maintainers;
 
   // should never happened in normal request
-  if (!versionPackage.maintainers) {
+  if (!maintainers) {
     this.status = 400;
     this.body = {
       error: 'maintainers error',
@@ -471,7 +492,7 @@ exports.addPackageAndDist = function *(next) {
 
   // make sure user in auth is in maintainers
   // should never happened in normal request
-  var m = versionPackage.maintainers.filter(function (maintainer) {
+  var m = maintainers.filter(function (maintainer) {
     return maintainer.name === username;
   });
   if (!m.length) {
@@ -513,17 +534,6 @@ exports.addPackageAndDist = function *(next) {
     return;
   }
 
-  // check maintainers
-  var isMaintainer = yield* packageService.isMaintainer(name, username);
-  if (!isMaintainer) {
-    this.status = 403;
-    this.body = {
-      error: 'forbidden user',
-      reason: username + ' not authorized to modify ' + name
-    };
-    return;
-  }
-
   // upload attachment
   var tarballBuffer;
   tarballBuffer = new Buffer(attachment.data, 'base64');
@@ -592,6 +602,11 @@ exports.addPackageAndDist = function *(next) {
     });
   }
 
+  // ensure maintainers exists
+  yield* packageService.addMaintainers(name, maintainers.map(function (item) {
+    return item.name;
+  }));
+
   this.status = 201;
   this.body = {
     ok: true,
@@ -747,7 +762,7 @@ exports.removeWithVersions = function* (next) {
   debug('remove versions: %j, remain versions: %j', removeVersions, remainVersions);
 
   // step 4: remove all the versions which need to remove
-  yield Module.removeByNameAndVersions(name, removeVersions);
+  // let removeTar do remove versions from module table
   var tags = yield Module.listTags(name);
 
   var removeTags = [];
@@ -785,20 +800,24 @@ exports.removeTar = function* (next) {
   var name = this.params.name || this.params[0];
   var filename = this.params.filename || this.params[1];
   var id = Number(this.params.rev || this.params[2]);
-  debug('remove tarball with filename: %s, id: %s', filename, id);
+  // cnpmjs.org-2.0.0.tgz
+  var version = filename.split(name + '-')[1];
+  if (version) {
+    // 2.0.0.tgz
+    version = version.substring(0, version.lastIndexOf('.tgz'));
+  }
+  if (!version) {
+    return yield* next;
+  }
+
+  debug('remove tarball with filename: %s, version: %s, revert to => rev id: %s', filename, version, id);
 
   var username = this.user.name;
   if (isNaN(id)) {
     return yield* next;
   }
 
-  var mod = yield Module.getById(id);
-  if (!mod || mod.name !== name) {
-    return yield* next;
-  }
-
   var isMaintainer = yield* packageService.isMaintainer(name, username);
-
   if (!isMaintainer && !this.user.isAdmin) {
     this.status = 403;
     this.body = {
@@ -807,9 +826,33 @@ exports.removeTar = function* (next) {
     };
     return;
   }
-  var key = mod.package.dist && mod.package.dist.key;
+
+  var rs = yield [
+    Module.getById(id),
+    Module.get(name, version),
+  ];
+  var revertTo = rs[0];
+  var mod = rs[1]; // module need to delete
+  if (!mod || mod.name !== name) {
+    return yield* next;
+  }
+
+  var key = mod.package && mod.package.dist && mod.package.dist.key;
   key = key || common.getCDNKey(mod.name, filename);
-  yield nfs.remove(key);
+
+  if (revertTo && revertTo.package) {
+    debug('removing key: %s from nfs, revert to %s@%s', key, revertTo.name, revertTo.package.version);
+  } else {
+    debug('removing key: %s from nfs, no revert mod', key);
+  }
+  try {
+    yield nfs.remove(key);
+  } catch (err) {
+    logger.error(err);
+  }
+  // remove version from table
+  yield Module.removeByNameAndVersions(name, [version]);
+  debug('removed %s@%s', name, version);
   this.body = { ok: true };
 };
 
@@ -858,6 +901,9 @@ exports.removeAll = function* (next) {
     }
   }
 
+  // remove the maintainers
+  yield* packageService.removeAllMaintainers(name);
+
   this.body = { ok: true };
 };
 
@@ -894,6 +940,8 @@ exports.listAllModules = function *() {
   this.body = result;
 };
 
+var A_WEEK_MS = 3600000 * 24 * 7;
+
 exports.listAllModulesSince = function *() {
   var query = this.query || {};
   if (query.stale !== 'update_after') {
@@ -908,6 +956,11 @@ exports.listAllModulesSince = function *() {
   debug('list all modules from %s', query.startkey);
   var startkey = Number(query.startkey) || 0;
   var updated = Date.now();
+  if (updated - startkey > A_WEEK_MS) {
+    startkey = updated - A_WEEK_MS;
+    console.warn('[%s] list modules since time out of range: query: %j, ip: %s',
+      Date(), query, this.ip);
+  }
   var mods = yield Module.listSince(startkey);
   var result = { _updated: updated };
   mods.forEach(function (mod) {

controllers/registry/user.js

@@ -154,7 +154,17 @@ exports.add = function* () {
 
   debug('add user: %j', body);
 
-  var loginedUser = yield UserService.auth(body.name, body.password);
+  var loginedUser;
+  try {
+    loginedUser = yield UserService.auth(body.name, body.password);
+  } catch (err) {
+    this.status = err.status || 500;
+    this.body = {
+      error: err.name,
+      reason: err.message
+    };
+    return;
+  }
   if (loginedUser) {
     var rev = Date.now() + '-' + loginedUser.login;
     if (config.customUserService) {
@@ -204,6 +214,22 @@ exports.add = function* () {
 };
 
 // logined before update, no need to auth user again
+// { name: 'admin',
+// password: '123123',
+// email: 'fengmk2@gmail.com',
+// _id: 'org.couchdb.user:admin',
+// type: 'user',
+// roles: [],
+// date: '2014-08-05T16:08:22.645Z',
+// _rev: '1-1a18c3d73ba42e863523a399ff3304d8',
+// _cnpm_meta:
+//  { id: 14,
+//    npm_user: false,
+//    custom_user: false,
+//    gmt_create: '2014-08-05T15:46:58.000Z',
+//    gmt_modified: '2014-08-05T15:46:58.000Z',
+//    admin: true,
+//    scopes: [ '@cnpm', '@cnpmtest' ] } }
 exports.update = function *(next) {
   var name = this.params.name;
   var rev = this.params.rev;

controllers/web/package.js

@@ -242,6 +242,14 @@ exports.displaySync = function* (next) {
   });
 };
 
+exports.listPrivates = function* () {
+  var packages = yield Module.listPrivates();
+  yield this.render('private', {
+      title: 'private packages',
+      packages: packages
+    });
+};
+
 function setLicense(pkg) {
   var license;
   license = pkg.license || pkg.licenses || pkg.licence || pkg.licences;

controllers/web/user.js

@@ -44,10 +44,12 @@ exports.display = function* (next) {
     return yield* next;
   }
 
+  user = user || {};
+
   var data = {
     name: name,
-    email: user && user.email,
-    json: user && user.json || {}
+    email: user.email,
+    json: user.json || {}
   };
 
   if (data.json.login) {
@@ -72,7 +74,7 @@ exports.display = function* (next) {
     title: 'User - ' + name,
     packages: packages,
     user: data,
-    lastModified: user.gmt_modified,
+    lastModified: user && user.gmt_modified,
     isAdmin: isAdmin,
     scopes: scopes
   });

dispatch.js

@@ -18,6 +18,7 @@
 var path = require('path');
 var util = require('util');
 var cluster = require('cluster');
+var cfork = require('cfork');
 var config = require('./config');
 var workerPath = path.join(__dirname, 'worker.js');
 var childProcess = require('child_process');
@@ -36,32 +37,21 @@ if (config.enableCluster) {
 }
 
 function forkWorker() {
-  cluster.setupMaster({
-    exec: workerPath
-  });
-
-  cluster.on('fork', function (worker) {
+  cfork({
+    exec: workerPath,
+    count: config.numCPUs,
+  }).on('fork', function (worker) {
     console.log('[%s] [worker:%d] new worker start', Date(), worker.process.pid);
-  });
-
-  cluster.on('disconnect', function (worker) {
-    var w = cluster.fork();
-    console.error('[%s] [master:%s] wroker:%s disconnect, suicide: %s, state: %s. New worker:%s fork',
-      Date(), process.pid, worker.process.pid, worker.suicide, worker.state, w.process.pid);
-  });
-
-  cluster.on('exit', function (worker, code, signal) {
+  }).on('disconnect', function (worker) {
+    console.error('[%s] [master:%s] wroker:%s disconnect, suicide: %s, state: %s.',
+      Date(), process.pid, worker.process.pid, worker.suicide, worker.state);
+  }).on('exit', function (worker, code, signal) {
     var exitCode = worker.process.exitCode;
     var err = new Error(util.format('worker %s died (code: %s, signal: %s, suicide: %s, state: %s)',
       worker.process.pid, exitCode, signal, worker.suicide, worker.state));
     err.name = 'WorkerDiedError';
     console.error('[%s] [master:%s] wroker exit: %s', Date(), process.pid, err.stack);
   });
-
-  // Fork workers.
-  for (var i = 0; i < config.numCPUs; i++) {
-    cluster.fork();
-  }
 }
 
 function forkSyncer() {

docs/registry-api.md

@@ -0,0 +1,833 @@
+# NPM Registry API
+
+## Overview
+
+* [Schema](/docs/registry-api.md#schema)
+* [Client Errors](/docs/registry-api.md#client-errors)
+* [Authentication](/docs/registry-api.md#authentication)
+* [Package](/docs/registry-api.md#package)
+* [User](/docs/registry-api.md#user)
+* [Search](/docs/registry-api.md#search)
+
+## Schema
+
+All API access is over HTTPS or HTTP,
+and accessed from the `registry.npmjs.org` domain.
+All data is sent and received as JSON.
+
+```bash
+$ curl -i https://registry.npmjs.org
+
+HTTP/1.1 200 OK
+Date: Tue, 05 Aug 2014 10:53:24 GMT
+Server: CouchDB/1.5.0 (Erlang OTP/R16B03)
+Content-Type: text/plain; charset=utf-8
+Cache-Control: max-age=60
+Content-Length: 258
+Accept-Ranges: bytes
+Via: 1.1 varnish
+Age: 11
+X-Served-By: cache-ty67-TYO
+X-Cache: HIT
+X-Cache-Hits: 1
+X-Timer: S1407236004.867906,VS0,VE0
+
+{"db_name":"registry","doc_count":90789,"doc_del_count":381,"update_seq":137250,"purge_seq":0,
+"compact_running":false,"disk_size":436228219,"data_size":332875061,
+"instance_start_time":"1405721973718703","disk_format_version":6,"committed_update_seq":137250}
+```
+
+## Client Errors
+
+```json
+Status: 4xx
+
+{
+  "error": "error_name",
+  "reason": "error reason string"
+}
+```
+
+## Authentication
+
+There is only one way to authenticate through the API.
+
+## Basic Authentication
+
+```bash
+$ curl -u "username:password" https://registry.npmjs.org
+```
+
+## Failed login limit
+
+```bash
+$ curl -i -X PUT -u foo:pwd \
+  -d '{"name":"foo","email":"foo@bar.com","type":"user","roles":[]}' \
+  https://registry.npmjs.org/-/user/org.couchdb.user:foo/-rev/11-d226c6afa9286ab5b9eb858c429bdabf
+
+HTTP/1.1 401 Unauthorized
+Date: Tue, 05 Aug 2014 15:33:25 GMT
+Server: CouchDB/1.5.0 (Erlang OTP/R14B04)
+Content-Type: text/plain; charset=utf-8
+Cache-Control: max-age=60
+Content-Length: 67
+Accept-Ranges: bytes
+Via: 1.1 varnish
+X-Served-By: cache-ty66-TYO
+X-Cache: MISS
+X-Cache-Hits: 0
+X-Timer: S1407252805.261390,VS0,VE434
+
+{"error":"unauthorized","reason":"Name or password is incorrect."}
+```
+
+## Package
+
+* Read
+  * [Get a single package](/docs/registry-api.md#get-a-single-package)
+  * [Get a special version or tag package](/docs/registry-api.md#get-a-special-version-or-tag-package)
+  * [List packages since from a update time](/docs/registry-api.md#list-packages-since-from-a-update-time)
+* Write
+  * [Publish a new package](/docs/registry-api.md#publish-a-new-package)
+  * [Update a package's tag](/docs/registry-api.md#update-a-packages-tag)
+  * [Update a package's maintainers](/docs/registry-api.md#update-a-packages-maintainers)
+  * [Remove one version from package](/docs/registry-api.md#remove-one-version-from-package)
+  * [Remove a tgz file from package](/docs/registry-api.md#remove-a-tgz-file-from-package)
+
+### Get a single package
+
+```
+GET /:package
+```
+
+#### Response
+
+```json
+HTTP/1.1 200 OK
+Etag: "8UDCP753LFXOG42NMX88JAN40"
+Content-Type: application/json
+Cache-Control: max-age=60
+Content-Length: 2243
+
+{
+  "_id": "pedding",
+  "_rev": "11-e6d1e6e96eaf72433fef6aaabe843af8",
+  "name": "pedding",
+  "description": "Just pedding for callback.",
+  "dist-tags": {
+    "latest": "1.0.0"
+  },
+  "versions": {
+    "1.0.0": {
+      "name": "pedding",
+      "version": "1.0.0",
+      "description": "Just pedding for callback.",
+      "main": "index.js",
+      "scripts": {
+        "test": "make test-all"
+      },
+      "repository": {
+        "type": "git",
+        "url": "git://github.com/fengmk2/pedding.git"
+      },
+      "keywords": [
+        "pedding",
+        "callback"
+      ],
+      "devDependencies": {
+        "contributors": "*",
+        "mocha": "*",
+        "mocha-phantomjs": "*",
+        "component": "*",
+        "chai": "*"
+      },
+      "author": {
+        "name": "fengmk2",
+        "email": "fengmk2@gmail.com"
+      },
+      "license": "MIT",
+      "contributors": [
+        {
+          "name": "fengmk2",
+          "email": "fengmk2@gmail.com",
+          "url": "https://github.com/fengmk2"
+        },
+        {
+          "name": "dead-horse",
+          "email": "dead_horse@qq.com",
+          "url": "https://github.com/dead-horse"
+        }
+      ],
+      "gitHead": "b42a708414a704336e9dee570a963e2dbe43e529",
+      "bugs": {
+        "url": "https://github.com/fengmk2/pedding/issues"
+      },
+      "homepage": "https://github.com/fengmk2/pedding",
+      "_id": "pedding@1.0.0",
+      "_shasum": "7f5098d60307b4ef7240c3d693cb20a9473c6074",
+      "_from": ".",
+      "_npmVersion": "1.4.13",
+      "_npmUser": {
+        "name": "fengmk2",
+        "email": "fengmk2@gmail.com"
+      },
+      "maintainers": [
+        {
+          "name": "fengmk2",
+          "email": "fengmk2@gmail.com"
+        },
+        {
+          "name": "dead-horse",
+          "email": "dead_horse@qq.com"
+        }
+      ],
+      "dist": {
+        "shasum": "7f5098d60307b4ef7240c3d693cb20a9473c6074",
+        "tarball": "http://registry.npmjs.org/pedding/-/pedding-1.0.0.tgz"
+      },
+      "directories": {}
+    }
+  },
+  "readme": "# pedding\n readme...",
+  "maintainers": [
+    {
+      "name": "fengmk2",
+      "email": "fengmk2@gmail.com"
+    },
+    {
+      "name": "dead-horse",
+      "email": "dead_horse@qq.com"
+    },
+    {
+      "name": "dead_horse",
+      "email": "dead_horse@qq.com"
+    }
+  ],
+  "time": {
+    "modified": "2014-07-05T14:22:53.849Z",
+    "created": "2012-09-18T14:46:08.346Z",
+    "0.0.1": "2012-09-18T14:46:21.321Z",
+    "0.0.2": "2013-06-22T08:26:45.125Z",
+    "0.0.3": "2013-07-02T15:20:34.707Z",
+    "1.0.0": "2014-07-05T11:08:51.614Z"
+  },
+  "author": {
+    "name": "fengmk2",
+    "email": "fengmk2@gmail.com"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/fengmk2/pedding.git"
+  },
+  "keywords": [
+    "pedding",
+    "callback"
+  ],
+  "bugs": {
+    "url": "https://github.com/fengmk2/pedding/issues"
+  },
+  "license": "MIT",
+  "readmeFilename": "README.md",
+  "homepage": "https://github.com/fengmk2/pedding",
+  "contributors": [
+    {
+      "name": "fengmk2",
+      "email": "fengmk2@gmail.com",
+      "url": "https://github.com/fengmk2"
+    },
+    {
+      "name": "dead-horse",
+      "email": "dead_horse@qq.com",
+      "url": "https://github.com/dead-horse"
+    }
+  ],
+  "_attachments": {}
+}
+```
+
+### Get a special version or tag package
+
+```
+GET /:package/:tag_or_version
+```
+
+#### Reponse
+
+```json
+HTTP/1.1 200 OK
+Etag: "1WJ4JF535RO3BDZR2BARXSGLY"
+Content-Type: application/json
+Cache-Control: max-age=60
+Content-Length: 1183
+
+{
+  "name": "pedding",
+  "version": "1.0.0",
+  "description": "Just pedding for callback.",
+  "main": "index.js",
+  "scripts": {
+    "test": "make test-all"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/fengmk2/pedding.git"
+  },
+  "keywords": [
+    "pedding",
+    "callback"
+  ],
+  "devDependencies": {
+    "contributors": "*",
+    "mocha": "*",
+    "mocha-phantomjs": "*",
+    "component": "*",
+    "chai": "*"
+  },
+  "author": {
+    "name": "fengmk2",
+    "email": "fengmk2@gmail.com"
+  },
+  "license": "MIT",
+  "contributors": [
+    {
+      "name": "fengmk2",
+      "email": "fengmk2@gmail.com",
+      "url": "https://github.com/fengmk2"
+    },
+    {
+      "name": "dead-horse",
+      "email": "dead_horse@qq.com",
+      "url": "https://github.com/dead-horse"
+    }
+  ],
+  "gitHead": "b42a708414a704336e9dee570a963e2dbe43e529",
+  "bugs": {
+    "url": "https://github.com/fengmk2/pedding/issues"
+  },
+  "homepage": "https://github.com/fengmk2/pedding",
+  "_id": "pedding@1.0.0",
+  "_shasum": "7f5098d60307b4ef7240c3d693cb20a9473c6074",
+  "_from": ".",
+  "_npmVersion": "1.4.13",
+  "_npmUser": {
+    "name": "fengmk2",
+    "email": "fengmk2@gmail.com"
+  },
+  "maintainers": [
+    {
+      "name": "fengmk2",
+      "email": "fengmk2@gmail.com"
+    },
+    {
+      "name": "dead-horse",
+      "email": "dead_horse@qq.com"
+    }
+  ],
+  "dist": {
+    "shasum": "7f5098d60307b4ef7240c3d693cb20a9473c6074",
+    "tarball": "http://registry.npmjs.org/pedding/-/pedding-1.0.0.tgz"
+  },
+  "directories": {}
+}
+```
+
+### Publish a new package
+
+* Authentication required.
+
+```
+PUT /:package
+```
+
+#### Input
+
+```json
+{
+  "_id": "pedding",
+  "name": "pedding",
+  "description": "Just pedding for callback.",
+  "dist-tags": {
+    "latest": "1.0.0"
+  },
+  "versions": {
+    "1.0.0": {
+      "name": "pedding",
+      "version": "1.0.0",
+      "description": "Just pedding for callback.",
+      "main": "index.js",
+      "scripts": {
+        "test": "make test-all"
+      },
+      "repository": {
+        "type": "git",
+        "url": "git://github.com/fengmk2/pedding.git"
+      },
+      "keywords": [ "pedding","callback" ],
+      "devDependencies": {
+        "contributors": "*",
+        "mocha": "*",
+        "mocha-phantomjs": "*",
+        "component": "*",
+        "chai": "*"
+      },
+      "dependencies": {},
+      "author": {
+        "name": "fengmk2",
+        "email": "fengmk2@gmail.com"
+      },
+      "license": "MIT",
+      "contributors": [
+        {
+          "name": "fengmk2",
+          "email": "fengmk2@gmail.com",
+          "url": "https://github.com/fengmk2"
+        },
+        {
+          "name": "dead-horse",
+          "email": "dead_horse@qq.com",
+          "url": "https://github.com/dead-horse"
+        }
+      ],
+      "readme": "# pedding ...",
+      "readmeFilename": "README.md",
+      "gitHead": "b42a708414a704336e9dee570a963e2dbe43e529",
+      "bugs": {
+        "url": "https://github.com/fengmk2/pedding/issues"
+      },
+      "homepage": "https://github.com/fengmk2/pedding",
+      "_id": "pedding@1.0.0",
+      "_shasum": "7f5098d60307b4ef7240c3d693cb20a9473c6074",
+      "_from": ".",
+      "_npmVersion": "1.5.0-alpha-4",
+      "_npmUser": {
+        "name": "admin",
+        "email": "fengmk2@gmail.com"
+      },
+      "maintainers": [
+        {
+          "name": "admin",
+          "email": "fengmk2@gmail.com"
+        }
+      ],
+      "dist": {
+        "shasum": "7f5098d60307b4ef7240c3d693cb20a9473c6074",
+        "tarball": "https://registry.npmjs.org/pedding/-/pedding-1.0.0.tgz"
+      }
+    }
+  },
+  "readme": "# pedding ...",
+  "maintainers": [
+    {
+      "name": "admin",
+      "email": "fengmk2@gmail.com"
+    }
+  ],
+  "_attachments": {
+    "pedding-1.0.0.tgz":{
+      "content_type": "application/octet-stream",
+      "data": "H4sIAAAAAAAAA+0aa3PbNjKf8Su...",
+      "length": 2107
+    }
+  }
+}
+```
+
+#### Response
+
+```json
+Status: 201 Created
+
+{
+  "ok": true,
+  "rev": "11-e6d1e6e96eaf72433fef6aaabe843af8"
+}
+```
+
+### Update a package's tag
+
+* Authentication required.
+
+```
+PUT /:package/:tag
+```
+
+#### Input
+
+The total input body is the `version` string which's setting to the tag.
+
+```json
+"1.0.0"
+```
+
+#### Response
+
+```json
+Status: 201 Created
+
+{
+  "ok": true
+}
+```
+
+### Update a package's maintainers
+
+* Authentication required.
+
+```
+PUT /:package/-rev/:rev
+```
+
+#### Input
+
+```json
+{
+  "_id": "pedding",
+  "_rev": "11-e6d1e6e96eaf72433fef6aaabe843af8",
+  "maintainers":[
+    { "name": "fengmk2", "email": "fengmk2@gmail.com" },
+    { "name": "dead-horse", "email": "dead_horse@qq.com" }
+  ]
+}
+```
+
+#### Response
+
+```json
+Status: 201 Created
+
+{
+  "ok": true,
+  "id": "pedding",
+  "rev": "12-bb300a90c9aeb779748b83ec1b744039"
+}
+```
+
+### Remove one version from package
+
+* Authentication required.
+
+```
+PUT /:package/-rev/:rev
+```
+
+#### Input
+
+Example for removing `0.0.1` version:
+
+```json
+{
+  "_id": "pedding",
+  "_rev": "12-bb300a90c9aeb779748b83ec1b744039",
+  "name": "pedding",
+  "description": "desc",
+  "dist-tags": { "latest": "1.0.0" },
+  "maintainers":
+   [ ... ],
+  "time":
+   { ... },
+  "users": {},
+  "author": { ... },
+  "repository": { ... },
+  "versions":
+   { "1.0.0":
+      { ... },
+     "0.0.3":
+      { ... },
+     "0.0.2":
+      { ... } },
+  "readme": "...",
+  "homepage": "https://github.com/fengmk2/pedding",
+  "bugs": { ... },
+  "license": "MIT" }
+```
+
+#### Response
+
+```json
+Status: 201 Created
+
+{
+  "ok": true
+}
+```
+
+### Remove a tgz file from package
+
+* Authentication required.
+
+```
+DELETE /:tgzfilepath/-rev/:rev
+```
+
+Exmaple for removing `https://registry.npmjs.org/pedding/-/pedding-0.0.1.tgz` file:
+
+```
+DELETE /pedding/-/pedding-0.0.1.tgz/-rev/12-bb300a90c9aeb779748b83ec1b744039
+```
+
+#### Response
+
+```json
+Status: 200 OK
+
+{
+  "ok": true
+}
+```
+
+### List packages since from a update time
+
+```
+GET /-/all/since?stale=update_after&startkey=:startkey
+```
+
+* `startkey` is a ms timestamp
+
+#### Response
+
+```bash
+$ curl -i "https://registry.npmjs.org/-/all/since?stale=update_after&startkey=1407255748643"
+```
+
+```json
+HTTP/1.1 200 OK
+
+{
+  "_updated": 1407255883282,
+  "bacon-and-eggs": {
+    "name": "bacon-and-eggs",
+    "description": "A functional reactive Twitter API client in node",
+    "dist-tags": {
+      "latest": "0.0.4"
+    },
+    "maintainers": [
+      {
+        "name": "mikegroseclose",
+        "email": "mike.groseclose@gmail.com"
+      }
+    ],
+    "homepage": "http://github.com/mikegroseclose/bacon-and-eggs",
+    "keywords": [
+      "twitter",
+      "api",
+      "frp",
+      "functional",
+      "reactive",
+      "bacon",
+      "eggs",
+      "oauth",
+      "stream",
+      "streams"
+    ],
+    "repository": {
+      "type": "git",
+      "url": "git://github.com/mikegroseclose/gulp-regex-replace.git"
+    },
+    "author": {
+      "name": "Mike Groseclose",
+      "email": "mike.groseclose@gmail.com",
+      "url": "http://mikegroseclose.com"
+    },
+    "bugs": {
+      "url": "https://github.com/mikegroseclose/gulp-regex-replace/issues"
+    },
+    "readmeFilename": "README.md",
+    "time": {
+      "modified": "2014-08-05T16:21:17.041Z"
+    },
+    "versions": {
+      "0.0.4": "latest"
+    }
+  },
+  "git-perm-rm": {
+    "name": "git-perm-rm",
+    "description": "Permanently remove a file or directory from a git repo including all related commit records.",
+    "dist-tags": {
+      "latest": "1.0.1"
+    },
+    "maintainers": [
+      {
+        "name": "kael",
+        "email": "i@kael.me"
+      }
+    ],
+    "homepage": "https://github.com/kaelzhang/git-perm-rm",
+    "keywords": [
+      "git",
+      "rm",
+      "git-perm-rm",
+      "remove",
+      "permanently"
+    ],
+    "repository": {
+      "type": "git",
+      "url": "git://github.com/kaelzhang/git-perm-rm.git"
+    },
+    "author": {
+      "name": "Kael"
+    },
+    "bugs": {
+      "url": "https://github.com/kaelzhang/git-perm-rm/issues"
+    },
+    "license": "MIT",
+    "readmeFilename": "README.md",
+    "time": {
+      "modified": "2014-08-05T16:22:41.253Z"
+    },
+    "versions": {
+      "1.0.1": "latest"
+    }
+  }
+}
+```
+
+## User
+
+* [Get a single user](/docs/registry-api.md#get-a-single-user)
+* [Add a new user](/docs/registry-api.md#add-a-new-user)
+* [Update a exists user](/docs/registry-api.md#update-a-exists-user)
+
+### Get a single user
+
+```
+GET /-/user/org.couchdb.user::username
+```
+
+#### Response
+
+```json
+HTTP/1.1 200 OK
+ETag: "32-984ee97e01aea166dcab6d1517c730e3"
+
+{
+  "_id": "org.couchdb.user:fengmk2",
+  "_rev": "32-984ee97e01aea166dcab6d1517c730e3",
+  "name": "fengmk2",
+  "email": "fengmk2@gmail.com",
+  "type": "user",
+  "roles": [],
+  "date": "2014-08-04T10:43:07.063Z",
+  "fullname": "fengmk2",
+  "avatar": "https://secure.gravatar.com/avatar/95b9d41231617a05ced5604d242c9670?s=50&d=retro",
+  "freenode": "",
+  "github": "fengmk2",
+  "homepage": "http://fengmk2.github.com",
+  "twitter": "fengmk2",
+  "avatarMedium": "https://secure.gravatar.com/avatar/95b9d41231617a05ced5604d242c9670?s=100&d=retro",
+  "avatarLarge": "https://secure.gravatar.com/avatar/95b9d41231617a05ced5604d242c9670?s=496&d=retro",
+  "fields": [
+    {
+      "name": "fullname",
+      "value": "fengmk2",
+      "title": "Full Name",
+      "show": "fengmk2"
+    },
+    {
+      "name": "email",
+      "value": "fengmk2@gmail.com",
+      "title": "Email",
+      "show": "<a href=\"mailto:fengmk2@gmail.com\">fengmk2@gmail.com</a>"
+    },
+    {
+      "name": "github",
+      "value": "fengmk2",
+      "title": "Github",
+      "show": "<a rel=\"me\" href=\"https://github.com/fengmk2\">fengmk2</a>"
+    },
+    {
+      "name": "twitter",
+      "value": "fengmk2",
+      "title": "Twitter",
+      "show": "<a rel=\"me\" href=\"https://twitter.com/fengmk2\">@fengmk2</a>"
+    },
+    {
+      "name": "appdotnet",
+      "value": "",
+      "title": "App.net",
+      "show": ""
+    },
+    {
+      "name": "homepage",
+      "value": "http://fengmk2.github.com",
+      "title": "Homepage",
+      "show": "<a rel=\"me\" href=\"http://fengmk2.github.com/\">http://fengmk2.github.com</a>"
+    },
+    {
+      "name": "freenode",
+      "value": "",
+      "title": "IRC Handle",
+      "show": ""
+    }
+  ],
+  "appdotnet": "fengmk2"
+}
+```
+
+### Add a new user
+
+```
+PUT /-/user/org.couchdb.user::username
+```
+
+#### Input
+
+```json
+{
+  "name": "admin",
+  "password": "123",
+  "email": "fengmk2@gmail.com",
+  "_id": "org.couchdb.user:admin",
+  "type": "user",
+  "roles": [],
+  "date": "2014-08-05T16:05:17.792Z"
+}
+```
+
+#### Response
+
+```json
+Status: 201 Created
+
+{
+  "ok": true,
+  "id": "org.couchdb.user:fengmk2",
+  "rev": "32-984ee97e01aea166dcab6d1517c730e3"
+}
+```
+
+### Update a exists user
+
+* Authentication required.
+
+```
+PUT /-/user/org.couchdb.user::username/-rev/:rev
+```
+
+#### Input
+
+```json
+{
+  "name": "admin",
+  "password": "123",
+  "email": "fengmk2@gmail.com",
+  "_id": "org.couchdb.user:admin",
+  "type": "user",
+  "roles": [],
+  "date": "2014-08-05T16:05:17.792Z",
+  "_rev": "2-1a18c3d73ba42e863523a399ff3304d8"
+}
+```
+
+#### Response
+
+```json
+Status: 201 Created
+
+{
+  "ok": true,
+  "id": "org.couchdb.user:fengmk2",
+  "rev": "3-bb300a90c9aeb779748b83ec1b744039"
+}
+```
+
+## Search

middleware/auth.js

@@ -17,6 +17,11 @@
 var debug = require('debug')('cnpmjs.org:middleware:auth');
 var UserService = require('../services/user');
 
+/**
+ * Parse the request authorization
+ * get the real user
+ */
+
 module.exports = function (options) {
   return function* auth(next) {
     this.user = {};
@@ -36,7 +41,15 @@ module.exports = function (options) {
     var username = authorization[0];
     var password = authorization[1];
 
-    var row = yield* UserService.auth(username, password);
+    var row;
+    try {
+      row = yield* UserService.auth(username, password);
+    } catch (err) {
+      // do not response error here
+      // many request do not need login
+      this.user.error = err;
+    }
+
     if (!row) {
       debug('auth fail user: %j, headers: %j', row, this.header);
       return yield* next;

middleware/login.js

@@ -15,7 +15,17 @@
  */
 
 module.exports = function *login(next) {
+  if (this.user.error) {
+    this.status = this.user.error.status || 500;
+    this.body = {
+      error: this.user.error.name,
+      reason: this.user.error.message
+    };
+    return;
+  }
+
   if (!this.user.name) {
+
     this.status = 401;
     this.body = {
       error: 'unauthorized',

middleware/publishable.js

@@ -35,6 +35,12 @@ module.exports = function *publishable(next) {
   // if `config.forcePublishWithScope` set to true, only admins can publish without scope
 
   var name = this.params.name || this.params[0];
+
+  // check if is private package list in config
+  if (config.privatePackages && config.privatePackages.indexOf(name) !== -1) {
+    return yield* next;
+  }
+
   // scope
   if (name[0] === '@') {
     if (checkScope(name, this)) {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cnpmjs.org",
-  "version": "0.9.0",
+  "version": "1.2.2",
   "description": "Private npm registry and web for Enterprise, base on MySQL and Simple Store Service",
   "main": "index.js",
   "scripts": {
@@ -10,57 +10,58 @@
     "stop": "./bin/nodejsctl stop"
   },
   "dependencies": {
-    "bytes": "1.0.0",
-    "cheerio": "0.17.0",
-    "co": "3.0.6",
-    "co-defer": "0.1.0",
-    "co-gather": "0.0.1",
-    "co-read": "0.1.0",
-    "co-redis": "1.1.0",
-    "co-urllib": "0.2.3",
-    "co-write": "0.3.0",
-    "copy-to": "1.0.1",
-    "debug": "1.0.4",
-    "error-formater": "1.0.3",
-    "eventproxy": "0.3.1",
-    "giturl": "0.0.3",
-    "graceful": "0.1.0",
-    "gravatar": "1.0.6",
-    "humanize-number": "0.0.2",
-    "koa": "0.8.1",
-    "koa-limit": "1.0.2",
-    "koa-markdown": "0.0.3",
-    "koa-middlewares": "1.2.0",
-    "marked": "0.3.2",
-    "mime": "1.2.11",
-    "mini-logger": "0.3.0",
-    "mkdirp": "0.5.0",
-    "moment": "2.7.0",
-    "ms": "0.6.2",
-    "multiline": "0.3.4",
-    "mysql": "2.4.1",
+    "bytes": "~1.0.0",
+    "cfork": "~1.0.1",
+    "cheerio": "~0.17.0",
+    "co": "~3.1.0",
+    "co-defer": "~0.1.0",
+    "co-gather": "~0.0.1",
+    "co-read": "~0.1.0",
+    "co-redis": "~1.1.0",
+    "co-urllib": "~0.2.3",
+    "co-write": "~0.3.0",
+    "copy-to": "~1.0.1",
+    "debug": "~1.0.4",
+    "error-formater": "~1.0.3",
+    "eventproxy": "~0.3.1",
+    "giturl": "~0.0.3",
+    "graceful": "~0.1.0",
+    "gravatar": "~1.0.6",
+    "humanize-number": "~0.0.2",
+    "koa": "~0.9.0",
+    "koa-limit": "~1.0.2",
+    "koa-markdown": "~0.0.3",
+    "koa-middlewares": "~1.2.0",
+    "marked": "~0.3.2",
+    "mime": "~1.2.11",
+    "mini-logger": "~0.3.0",
+    "mkdirp": "~0.5.0",
+    "moment": "~2.8.1",
+    "ms": "~0.6.2",
+    "multiline": "~0.3.4",
+    "mysql": "~2.4.2",
     "nodemailer": "0.7.1",
-    "qn": "0.2.2",
-    "ready": "0.1.1",
-    "redis": "0.11.0",
-    "semver": "3.0.1",
-    "thunkify-wrap": "1.0.1",
-    "utility": "0.1.16"
+    "qn": "~0.2.2",
+    "ready": "~0.1.1",
+    "redis": "~0.11.0",
+    "semver": "~3.0.1",
+    "thunkify-wrap": "~1.0.2",
+    "utility": "~1.0.0"
   },
   "devDependencies": {
     "autod": "~0.2.0",
-    "chunkstream": "0.0.1",
+    "chunkstream": "~0.0.1",
     "co-mocha": "0.0.2",
     "contributors": "*",
     "cov": "*",
     "istanbul-harmony": "*",
     "jshint": "*",
-    "mm": "0.2.1",
+    "mm": "~0.2.1",
     "mocha": "*",
-    "pedding": "1.0.0",
-    "should": "4.0.4",
+    "pedding": "~1.0.0",
+    "should": "~4.0.4",
     "should-http": "0.0.1",
-    "supertest": "0.13.0"
+    "supertest": "~0.13.0"
   },
   "homepage": "https://github.com/cnpm/cnpmjs.org",
   "repository": {

proxy/module.js

@@ -162,26 +162,6 @@ exports.updateDescription = function (id, description, callback) {
   mysql.query(UPDATE_DESC_SQL, [description, id], callback);
 };
 
-var UPDATE_PACKAGE_SQL = multiline(function () {;/*
-  UPDATE
-    module
-  SET
-    package=?
-  WHERE
-    id=?;
-*/});
-exports.updateReadme = function (id, readme, callback) {
-  exports.getById(id, function (err, data) {
-    if (err) {
-      return callback(err);
-    }
-    data.package = data.package || {};
-    data.package.readme = readme;
-    var pkg = stringifyPackage(data.package);
-    mysql.query(UPDATE_PACKAGE_SQL, [pkg, id], callback);
-  });
-};
-
 var UPDATE_DIST_SQL = 'UPDATE module SET ? WHERE id=?';
 exports.update = function (mod, callback) {
   var pkg;
@@ -495,63 +475,6 @@ exports.removeByNameAndVersions = function (name, versions, callback) {
   mysql.query(DELETE_MODULE_BY_NAME_AND_VERSIONS_SQL, [name, versions], callback);
 };
 
-var LIST_BY_AUTH_SQLS = [];
-LIST_BY_AUTH_SQLS.push(multiline(function () {;/*
-  SELECT
-    distinct(name) AS name
-  FROM
-    module
-  WHERE
-    author=?
-  ORDER BY
-    publish_time DESC
-  LIMIT
-    100;
-*/}));
-LIST_BY_AUTH_SQLS.push(multiline(function () {;/*
-  SELECT
-    module_id
-  FROM
-    tag
-  WHERE
-    tag="latest" AND name IN (?);
-*/}));
-LIST_BY_AUTH_SQLS.push(multiline(function () {;/*
-  SELECT
-    name, description
-  FROM
-    module
-  WHERE
-    id IN (?)
-  ORDER BY
-    publish_time DESC;
-*/}));
-exports.listByAuthor = function (author, callback) {
-  var ep = eventproxy.create();
-  ep.fail(callback);
-  mysql.query(LIST_BY_AUTH_SQLS[0], [author], ep.done(function (rows) {
-    if (!rows || rows.length === 0) {
-      return callback(null, []);
-    }
-    ep.emit('names', rows.map(function (r) {
-      return r.name;
-    }));
-  }));
-  ep.on('names', function (names) {
-    mysql.query(LIST_BY_AUTH_SQLS[1], [names], ep.done(function (rows) {
-      if (!rows || rows.length === 0) {
-        return callback(null, []);
-      }
-      ep.emit('ids', rows.map(function (r) {
-        return r.module_id;
-      }));
-    }));
-  });
-  ep.on('ids', function (ids) {
-    mysql.query(LIST_BY_AUTH_SQLS[2], [ids], callback);
-  });
-};
-
 var SEARCH_MODULES_SQL = multiline(function () {;/*
   SELECT
     module_id
@@ -704,3 +627,138 @@ exports.getAdaptName = function* (name) {
   }
   return;
 };
+
+exports.listPrivates = function* () {
+  var scopes = config.scopes;
+  if (!scopes || !scopes.length) {
+    return [];
+  }
+  var privatePackages = config.privatePackages || [];
+
+  var args = [];
+  var sql = 'SELECT module_id AS id FROM tag WHERE tag="latest" AND (';
+  var wheres = [];
+
+  scopes.forEach(function (scope) {
+    wheres.push('name LIKE ?');
+    args.push(scope + '%');
+  });
+
+  if (privatePackages.length) {
+    wheres.push('name in (?)');
+    args.push(privatePackages);
+  }
+
+  sql = sql + wheres.join(' OR ') + ')';
+
+  var ids = yield mysql.query(sql, args);
+  ids = ids.map(function (row) {
+    return row.id;
+  });
+
+  if (!ids.length) {
+    return [];
+  }
+
+  return yield mysql.query(QUERY_MODULES_BY_ID_SQL, [ids]);
+};
+
+var LIST_BY_AUTH_SQLS = [];
+LIST_BY_AUTH_SQLS.push(multiline(function () {;/*
+  SELECT
+    distinct(name) AS name
+  FROM
+    module
+  WHERE
+    author=?
+  ORDER BY
+    publish_time DESC
+  LIMIT
+    100;
+*/}));
+LIST_BY_AUTH_SQLS.push(multiline(function () {;/*
+  SELECT
+    name
+  FROM
+    module_maintainer
+  WHERE
+    user = ?
+*/}));
+LIST_BY_AUTH_SQLS.push(multiline(function () {;/*
+  SELECT
+    module_id
+  FROM
+    tag
+  WHERE
+    tag="latest" AND name IN (?);
+*/}));
+LIST_BY_AUTH_SQLS.push(multiline(function () {;/*
+  SELECT
+    name, description
+  FROM
+    module
+  WHERE
+    id IN (?)
+  ORDER BY
+    publish_time DESC;
+*/}));
+exports.listByAuthor = function* (author, callback) {
+  var names = yield [
+    mysql.query(LIST_BY_AUTH_SQLS[0], [author]),
+    mysql.query(LIST_BY_AUTH_SQLS[1], [author])
+  ];
+
+  names = names[0].concat(names[1]).map(function (n) {
+    return n.name;
+  }).sort();
+
+  if (!names.length) {
+    return [];
+  }
+
+  var ids = yield mysql.query(LIST_BY_AUTH_SQLS[2], [names]);
+  if (!ids.length) {
+    return [];
+  }
+
+  ids = ids.map(function (i) {
+    return i.module_id;
+  });
+  return yield mysql.query(LIST_BY_AUTH_SQLS[3], [ids]);
+};
+
+var UPDATE_PACKAGE_SQL = multiline(function () {;/*
+  UPDATE
+    module
+  SET
+    package=?
+  WHERE
+    id=?;
+*/});
+
+exports.updatePackage = function* (id, pkg) {
+  pkg = stringifyPackage(pkg);
+  return yield mysql.query(UPDATE_PACKAGE_SQL, [pkg, id]);
+};
+
+exports.updatePackageFields = function* (id, fields) {
+  var data = yield exports.getById(id);
+  if (!data) {
+    throw new Error('module#' + id + ' not exists');
+  }
+  data.package = data.package || {};
+  for (var k in fields) {
+    data.package[k] = fields[k];
+  }
+  return yield* exports.updatePackage(id, data.package);
+};
+
+exports.updateReadme = function* (id, readme) {
+  var data = yield exports.getById(id);
+  if (!data) {
+    throw new Error('module#' + id + ' not exists');
+  }
+  data.package = data.package || {};
+  data.package.readme = readme;
+  return yield* exports.updatePackage(id, data.package);
+};

proxy/module_maintainer.js

@@ -44,6 +44,20 @@ function* remove(name, usernames) {
   return yield mysql.query(REMOVE_SQL, [name, usernames]);
 }
 
+var REMOVE_ALL_SQL = 'DELETE FROM module_maintainer WHERE name = ?';
+
+exports.removeAll = function* (name) {
+  return yield mysql.query(REMOVE_ALL_SQL, [name]);
+};
+
+exports.addMulti = function* (name, usernames) {
+  var tasks = [];
+  for (var i = 0; i < usernames.length; i++) {
+    tasks.push(add(name, usernames[i]));
+  }
+  return yield tasks;
+};
+
 exports.update = function* (name, maintainers) {
   // maintainers should be [name1, name2, ...] format
   // find out the exists maintainers then remove the deletes and add the left
@@ -64,11 +78,8 @@ exports.update = function* (name, maintainers) {
       }
     }
   }
-  var tasks = [];
-  for (var i = 0; i < addUsers.length; i++) {
-    tasks.push(add(name, addUsers[i]));
-  }
-  yield tasks;
+
+  yield* exports.addMulti(name, addUsers);
   // make sure all add users success then remove users
   if (removeUsers.length > 0) {
     yield* remove(name, removeUsers);

proxy/sync_module_worker.js

@@ -76,12 +76,14 @@ SyncModuleWorker.prototype.finish = function () {
   if (this._finished || Object.keys(this.syncingNames).length > 0) {
     return;
   }
+  this._finished = true;
   this.log('[done] Sync %s module finished, %d success, %d fail\nSuccess: [ %s ]\nFail: [ %s ]',
     this.startName,
     this.successes.length, this.fails.length,
     this.successes.join(', '), this.fails.join(', '));
   this.emit('end');
-  this._finished = true;
+  // make sure all event listeners release
+  this.removeAllListeners();
 };
 
 SyncModuleWorker.prototype.log = function (format, arg1, arg2) {
@@ -339,6 +341,7 @@ SyncModuleWorker.prototype._sync = function* (name, pkg) {
   var missingReadmes = [];
   var missingStarUsers = [];
   var npmUsernames = {};
+  var missingDeprecateds = [];
 
   // find out all user names
   for (var v in pkg.versions) {
@@ -428,8 +431,9 @@ SyncModuleWorker.prototype._sync = function* (name, pkg) {
     var sourceAuthor = version.maintainers && version.maintainers[0] &&
       version.maintainers[0].name || exists.author;
 
-    if (exists.package && exists.package.dist.shasum === version.dist.shasum &&
-      exists.author === sourceAuthor) {
+    if (exists.package &&
+        exists.package.dist.shasum === version.dist.shasum &&
+        exists.author === sourceAuthor) {
       // * author make sure equal
       // * shasum make sure equal
       if ((version.publish_time === exists.publish_time) ||
@@ -452,6 +456,14 @@ SyncModuleWorker.prototype._sync = function* (name, pkg) {
             readme: version.readme
           });
         }
+
+        if (version.deprecated && version.deprecated !== exists.package.deprecated) {
+          // need to sync deprecated field
+          missingDeprecateds.push({
+            id: exists.id,
+            deprecated: version.deprecated
+          });
+        }
         continue;
       }
     }
@@ -602,6 +614,29 @@ SyncModuleWorker.prototype._sync = function* (name, pkg) {
     }
   }
 
+  function *syncDeprecateds() {
+    if (missingDeprecateds.length === 0) {
+      return;
+    }
+    that.log('  [%s] saving %d Deprecated fields', name, missingDeprecateds.length);
+
+    var res = yield gather(missingDeprecateds.map(function (item) {
+      return Module.updatePackageFields(item.id, {
+        deprecated: item.deprecated
+      });
+    }));
+
+    for (var i = 0; i < res.length; i++) {
+      var item = missingDeprecateds[i];
+      var r = res[i];
+      if (r.error) {
+        that.log('    save error, id: %s, error: %s', item.id, r.error.message);
+      } else {
+        that.log('    saved, id: %s', item.id);
+      }
+    }
+  }
+
   function *syncMissingUsers() {
     var missingUsers = [];
     var names = Object.keys(npmUsernames);
@@ -658,7 +693,9 @@ SyncModuleWorker.prototype._sync = function* (name, pkg) {
     }
   }
 
-  yield [syncDes(), syncTag(), syncReadme(), syncMissingStarUsers(), syncMissingUsers()];
+  yield [
+    syncDes(), syncTag(), syncReadme(), syncDeprecateds(),
+    syncMissingStarUsers(), syncMissingUsers()];
   return syncedVersionNames;
 };
 

proxy/user.js

@@ -152,7 +152,7 @@ exports.saveNpmUser = function* (user) {
 
 exports.saveCustomUser = function* (data) {
   var sql = 'SELECT id, json FROM user WHERE name=?;';
-  var row = yield mysql.queryOne(sql, [data.user.name]);
+  var row = yield mysql.queryOne(sql, [data.user.login]);
   var salt = data.salt || '0';
   var password_sha = data.password_sha || '0';
   var ip = data.ip || '0';

routes/web.js

@@ -31,6 +31,8 @@ function routes(app) {
   app.get('/package/:name', pkg.display);
   app.get('/package/:name/:version', pkg.display);
 
+  app.get('/privates', pkg.listPrivates);
+
   app.get(/\/browse\/keyword\/(@[\w\-\.]+\/[\w\-\.]+)$/, pkg.search);
   app.get('/browse/keyword/:word', pkg.search);
 

servers/web.js

@@ -105,6 +105,7 @@ routes(app);
 
 app.on('error', function (err, ctx) {
   err.url = err.url || ctx.request.url;
+  console.log(err.stack);
   logger.error(err);
 });
 

services/package.js

@@ -36,6 +36,10 @@ exports.listMaintainerNamesOnly = function* (name) {
   return yield* ModuleMaintainer.get(name);
 };
 
+exports.addMaintainers = function* (name, usernames) {
+  return yield* ModuleMaintainer.addMulti(name, usernames);
+};
+
 exports.updateMaintainers = function* (name, usernames) {
   var rs = yield [
     ModuleMaintainer.update(name, usernames),
@@ -44,6 +48,10 @@ exports.updateMaintainers = function* (name, usernames) {
   return rs[0];
 };
 
+exports.removeAllMaintainers = function* (name) {
+  return yield* ModuleMaintainer.removeAll(name);
+};
+
 exports.isMaintainer = function* (name, username) {
   var rs = yield [
     ModuleMaintainer.get(name),

test/controllers/registry/deprecate.test.js

@@ -0,0 +1,211 @@
+/**!
+ * cnpmjs.org - test/controllers/registry/deprecate.test.js
+ *
+ * Copyright(c) cnpmjs.org and other contributors.
+ * MIT Licensed
+ *
+ * Authors:
+ *  fengmk2 <fengmk2@gmail.com> (http://fengmk2.github.com)
+ */
+
+'use strict';
+
+/**
+ * Module dependencies.
+ */
+
+var fs = require('fs');
+var path = require('path');
+var should = require('should');
+var request = require('supertest');
+var mm = require('mm');
+var pedding = require('pedding');
+var app = require('../../../servers/registry');
+var utils = require('../../utils');
+
+var fixtures = path.join(path.dirname(path.dirname(__dirname)), 'fixtures');
+
+describe('controllers/registry/deprecate.test.js', function () {
+  var pkgname = 'testmodule-deprecate';
+  before(function (done) {
+    done = pedding(2, done);
+    var pkg = utils.getPackage(pkgname, '0.0.1', utils.admin);
+
+    request(app.listen())
+    .put('/' + pkgname)
+    .set('authorization', utils.adminAuth)
+    .send(pkg)
+    .expect(201, function (err) {
+      should.not.exist(err);
+      pkg = utils.getPackage(pkgname, '0.0.2', utils.admin);
+      // publish 0.0.2
+      request(app.listen())
+      .put('/' + pkgname)
+      .set('authorization', utils.adminAuth)
+      .send(pkg)
+      .expect(201, done);
+    });
+
+    pkg = utils.getPackage(pkgname, '1.0.0', utils.admin);
+    request(app.listen())
+    .put('/' + pkgname)
+    .set('authorization', utils.adminAuth)
+    .send(pkg)
+    .expect(201, done);
+  });
+
+  afterEach(mm.restore);
+
+  describe('PUT /:name', function () {
+    it('should deprecate version@1.0.0', function (done) {
+      request(app.listen())
+      .put('/' + pkgname)
+      .set('authorization', utils.adminAuth)
+      .send({
+        name: pkgname,
+        versions: {
+          '1.0.0': {
+            deprecated: 'mock test deprecated message 1.0.0'
+          }
+        }
+      })
+      .expect({
+        ok: true
+      })
+      .expect(201, function (err, res) {
+        should.not.exist(err);
+        request(app.listen())
+        .get('/' + pkgname + '/1.0.0')
+        .expect(200, function (err, res) {
+          should.not.exist(err);
+          res.body.deprecated.should.equal('mock test deprecated message 1.0.0');
+
+          // undeprecated
+          request(app.listen())
+          .put('/' + pkgname)
+          .set('authorization', utils.adminAuth)
+          .send({
+            name: pkgname,
+            versions: {
+              '1.0.0': {
+                deprecated: ''
+              }
+            }
+          })
+          .expect({
+            ok: true
+          })
+          .expect(201, function (err) {
+            should.not.exist(err);
+            request(app.listen())
+            .get('/' + pkgname + '/1.0.0')
+            .expect(200, function (err, res) {
+              should.not.exist(err);
+              res.body.deprecated.should.equal('');
+              done();
+            });
+          });
+        });
+      });
+    });
+
+    it('should deprecate version@<1.0.0', function (done) {
+      request(app.listen())
+      .put('/' + pkgname)
+      .set('authorization', utils.adminAuth)
+      .send({
+        name: pkgname,
+        versions: {
+          '1.0.0': {
+            version: '1.0.0'
+          },
+          '0.0.1': {
+            deprecated: 'mock test deprecated message 0.0.1'
+          },
+          '0.0.2': {
+            deprecated: 'mock test deprecated message 0.0.2'
+          }
+        }
+      })
+      .expect({
+        ok: true
+      })
+      .expect(201, function (err, res) {
+        should.not.exist(err);
+        done = pedding(3, done);
+
+        request(app.listen())
+        .get('/' + pkgname + '/0.0.1')
+        .expect(200, function (err, res) {
+          should.not.exist(err);
+          res.body.deprecated.should.equal('mock test deprecated message 0.0.1');
+          done();
+        });
+
+        request(app.listen())
+        .get('/' + pkgname + '/0.0.2')
+        .expect(200, function (err, res) {
+          should.not.exist(err);
+          res.body.deprecated.should.equal('mock test deprecated message 0.0.2');
+          done();
+        });
+
+        // not change 1.0.0
+        request(app.listen())
+        .get('/' + pkgname + '/1.0.0')
+        .expect(200, function (err, res) {
+          should.not.exist(err);
+          res.body.deprecated.should.equal('');
+          done();
+        });
+      });
+    });
+
+    it('should 404 deprecate not exists version', function (done) {
+      request(app.listen())
+      .put('/' + pkgname)
+      .set('authorization', utils.adminAuth)
+      .send({
+        name: pkgname,
+        versions: {
+          '1.0.1': {
+            deprecated: 'mock test deprecated message'
+          },
+          '1.0.0': {
+            deprecated: 'mock test deprecated message'
+          }
+        }
+      })
+      .expect({
+        error: 'version_error',
+        reason: 'Some versions: ["1.0.1","1.0.0"] not found'
+      })
+      .expect(400, done);
+    });
+
+    it('should 403', function (done) {
+      request(app.listen())
+      .put('/' + pkgname)
+      .set('authorization', utils.otherUserAuth)
+      .send({
+        name: pkgname,
+        versions: {
+          '1.0.0': {
+            version: '1.0.0'
+          },
+          '0.0.1': {
+            deprecated: 'mock test deprecated message 0.0.1'
+          },
+          '0.0.2': {
+            deprecated: 'mock test deprecated message 0.0.2'
+          }
+        }
+      })
+      .expect({
+        error: 'no_perms',
+        reason: 'Private mode enable, only admin can publish this module'
+      })
+      .expect(403, done);
+    });
+  });
+});

test/controllers/registry/module.test.js

@@ -30,6 +30,7 @@ var controller = require('../../../controllers/registry/module');
 var ModuleDeps = require('../../../proxy/module_deps');
 var SyncModuleWorker = require('../../../proxy/sync_module_worker');
 var utils = require('../../utils');
+var mysql = require('../../../common/mysql');
 
 var fixtures = path.join(path.dirname(path.dirname(__dirname)), 'fixtures');
 
@@ -476,7 +477,7 @@ describe('controllers/registry/module.test.js', function () {
       .send(pkg)
       .expect(400, function (err, res) {
         should.not.exist(err);
-        res.body.reason.should.containEql('filename or version not found');
+        res.body.reason.should.equal('version undefined not found');
         done();
       });
     });
@@ -501,7 +502,7 @@ describe('controllers/registry/module.test.js', function () {
         should.not.exist(err);
         res.body.should.eql({
           error: 'version_error',
-          reason: 'filename or version not found, filename: undefined, version: undefined'
+          reason: 'version undefined not found'
         });
         done();
       });
@@ -532,7 +533,8 @@ describe('controllers/registry/module.test.js', function () {
 
   describe('PUT /:name publish new flow addPackageAndDist()', function () {
     it('should publish with tgz base64, addPackageAndDist()', function (done) {
-      var pkg = utils.getPackage('testpublishmodule', '0.0.2');
+      done = pedding(2, done);
+      var pkg = utils.getPackage('testpublishmodule-new-add', '0.0.2');
       request(app)
       .put('/' + pkg.name)
       .set('authorization', utils.adminAuth)
@@ -555,6 +557,15 @@ describe('controllers/registry/module.test.js', function () {
           });
           done();
         });
+
+        // maintainers should exists
+        mysql.query('SELECT user FROM module_maintainer WHERE name=?', ['testpublishmodule-new-add'],
+        function (err, rows) {
+          should.not.exist(err);
+          rows.length.should.above(0);
+          rows.should.eql([ { user: 'cnpmjstest10' } ]);
+          done();
+        });
       });
     });
 
@@ -569,7 +580,7 @@ describe('controllers/registry/module.test.js', function () {
         should.not.exist(err);
         res.body.should.eql({
           error: 'version_error',
-          reason: 'filename or version not found, filename: mk2testmodule-0.0.1.tgz, version: undefined'
+          reason: 'version undefined not found'
         });
         done();
       });
@@ -922,7 +933,7 @@ describe('controllers/registry/module.test.js', function () {
         .expect(201, done);
       });
 
-      it('shold fail when user not maintainer', function (done) {
+      it('should fail when user not maintainer', function (done) {
         request(app)
         .del('/remove-all-module/-rev/1')
         .set('authorization', utils.otherUserAuth)
@@ -936,14 +947,19 @@ describe('controllers/registry/module.test.js', function () {
         });
       });
 
-      it('shold ok', function (done) {
+      it('should remove all versions ok', function (done) {
         request(app)
         .del('/remove-all-module/-rev/1')
         .set('authorization', utils.adminAuth)
         .expect(200, function (err, res) {
           should.not.exist(err);
           should.not.exist(res.headers['set-cookie']);
-          done();
+          mysql.query('SELECT * FROM module_maintainer WHERE name=?', ['remove-all-module'],
+          function (err, rows) {
+            should.not.exist(err);
+            rows.should.length(0);
+            done();
+          });
         });
       });
     });

test/controllers/registry/module/config_private_packages.test.js

@@ -0,0 +1,105 @@
+/*!
+ * cnpmjs.org - test/controllers/registry/module/public_mode.test.js
+ * Copyright(c) 2014 dead_horse <dead_horse@qq.com>
+ * MIT Licensed
+ */
+
+'use strict';
+
+/**
+ * Module dependencies.
+ */
+
+var should = require('should');
+var request = require('supertest');
+var mm = require('mm');
+var config = require('../../../../config');
+var app = require('../../../../servers/registry');
+var utils = require('../../../utils');
+
+describe('controllers/registry/module/config_private_packages.test.js', function () {
+  beforeEach(function () {
+    mm(config, 'enablePrivate', false);
+    mm(config, 'forcePublishWithScope', true);
+    mm(config, 'privatePackages', ['private-package']);
+  });
+
+  after(mm.restore);
+  it('should publish with tgz base64, addPackageAndDist()', function (done) {
+    var pkg = utils.getPackage('private-package', '0.0.1', utils.otherUser);
+    request(app)
+    .put('/' + pkg.name)
+    .set('authorization', utils.otherUserAuth)
+    .send(pkg)
+    .expect(201, function (err, res) {
+      should.not.exist(err);
+      res.body.should.have.keys('ok', 'rev');
+      res.body.ok.should.equal(true);
+      pkg = utils.getPackage('private-package', '0.0.1', utils.otherUser);
+      // upload again should 403
+      request(app)
+      .put('/' + pkg.name)
+      .set('authorization', utils.otherUserAuth)
+      .send(pkg)
+      .expect(403, function (err, res) {
+        should.not.exist(err);
+        res.body.should.eql({
+          error: 'forbidden',
+          reason: 'cannot modify pre-existing version: 0.0.1'
+        });
+        done();
+      });
+    });
+  });
+
+  it('should other user publish 403', function (done) {
+    var pkg = utils.getPackage('private-package', '0.0.2', utils.secondUser);
+    request(app)
+    .put('/' + pkg.name)
+    .set('authorization', utils.secondUserAuth)
+    .send(pkg)
+    .expect(/forbidden user/)
+    .expect(403, done);
+  });
+
+  it('should admin publish 403', function (done) {
+    var pkg = utils.getPackage('private-package', '0.0.2', utils.admin);
+    request(app)
+    .put('/' + pkg.name)
+    .set('authorization', utils.adminAuth)
+    .send(pkg)
+    .expect(/forbidden user/)
+    .expect(403, done);
+  });
+
+  it('should add again new maintainers', function (done) {
+    request(app)
+    .put('/private-package/-rev/1')
+    .send({
+      maintainers: [{
+        name: 'cnpmjstest101',
+        email: 'cnpmjstest101@cnpmjs.org'
+      }, {
+        name: 'fengmk2',
+        email: 'fengmk2@cnpmjs.org'
+      }]
+    })
+    .set('authorization', utils.otherUserAuth)
+    .expect(201)
+    .expect('content-type', 'application/json; charset=utf-8', done);
+  });
+
+  it('should remove maintainers', function (done) {
+    request(app)
+    .put('/private-package/-rev/1')
+    .send({
+      maintainers: [{
+        name: 'cnpmjstest101',
+        email: 'cnpmjstest101@cnpmjs.org'
+      }]
+    })
+    .set('authorization', utils.otherUserAuth)
+    .expect(201)
+    .expect('content-type', 'application/json; charset=utf-8', done);
+  });
+});

test/controllers/registry/module/public_mode.test.js

@@ -560,7 +560,7 @@ describe('controllers/registry/module/public_module.test.js', function () {
       mm(config, 'enablePrivate', false);
       mm(config, 'forcePublishWithScope', false);
     });
-    before(function (done) {
+    beforeEach(function (done) {
       mm(config, 'enablePrivate', false);
       mm(config, 'forcePublishWithScope', false);
       var pkg = utils.getPackage('public-test-delete-download-module', '0.1.9', utils.otherUser);
@@ -569,9 +569,11 @@ describe('controllers/registry/module/public_module.test.js', function () {
       .set('content-type', 'application/json')
       .set('authorization', utils.otherUserAuth)
       .send(pkg)
-      .expect(201, function (err, res) {
+      .end(function (err, res) {
         should.not.exist(err);
-        withoutScopeRev = res.body.rev;
+        if (res.body.rev) {
+          withoutScopeRev = res.body.rev;
+        }
         done();
       });
     });
@@ -603,7 +605,7 @@ describe('controllers/registry/module/public_module.test.js', function () {
         mm(config, 'enablePrivate', false);
         mm(config, 'forcePublishWithScope', true);
       });
-      before(function (done) {
+      beforeEach(function (done) {
         mm(config, 'enablePrivate', false);
         mm(config, 'forcePublishWithScope', true);
         var pkg = utils.getPackage('@cnpm/public-test-delete-download-module', '0.1.9', utils.otherUser);
@@ -612,9 +614,11 @@ describe('controllers/registry/module/public_module.test.js', function () {
         .set('content-type', 'application/json')
         .set('authorization', utils.otherUserAuth)
         .send(pkg)
-        .expect(201, function (err, res) {
+        .end(function (err, res) {
           should.not.exist(err);
-          withScopeRev = res.body.rev;
+          if (res.body.rev) {
+            withScopeRev = res.body.rev;
+          }
           done();
         });
       });

test/controllers/registry/user.test.js

@@ -342,5 +342,27 @@ describe('controllers/registry/user.test.js', function () {
         done();
       });
     });
+
+    it('should show error json when userSerive.auth throw error', function (done) {
+      mm(UserService, 'auth', function* () {
+        var err = new Error('mock user service auth error, please visit http://ooxx.net/user to sigup first');
+        err.name = 'UserSeriveAuthError';
+        err.status = 401;
+        throw err;
+      });
+
+      request(app)
+      .put('/-/user/org.couchdb.user:cnpmjstest10')
+      .send({
+        name: 'cnpmjstest10',
+        password: 'cnpmjstest10',
+        email: 'cnpmjstest10@cnpmjs.org'
+      })
+      .expect({
+        error: 'UserSeriveAuthError',
+        reason: 'mock user service auth error, please visit http://ooxx.net/user to sigup first'
+      })
+      .expect(401, done);
+    });
   });
 });

test/controllers/sync.test.js

@@ -43,14 +43,14 @@ describe('controllers/sync.test.js', function () {
 
     it('should sync as publish success', function (done) {
       request(registryApp)
-      .del('/utility/-rev/123')
+      .del('/pedding/-rev/123')
       .set('authorization', baseauth)
       .end(function (err, res) {
         should.not.exist(err);
 
         mm.data(Npm, 'get', require(path.join(fixtures, 'utility.json')));
         request(registryApp)
-        .put('/utility/sync?publish=true&nodeps=true')
+        .put('/pedding/sync?publish=true&nodeps=true')
         .set('authorization', baseauth)
         .end(function (err, res) {
           should.not.exist(err);
@@ -75,7 +75,7 @@ describe('controllers/sync.test.js', function () {
     it('should sync through web success', function (done) {
       mm.data(Npm, 'get', require(path.join(fixtures, 'utility.json')));
       request(webApp)
-      .put('/sync/utility')
+      .put('/sync/pedding')
       .end(function (err, res) {
         should.not.exist(err);
         res.body.should.have.keys('ok', 'logId');
@@ -87,7 +87,7 @@ describe('controllers/sync.test.js', function () {
     it('should sync through registry success', function (done) {
       mm.data(Npm, 'get', require(path.join(fixtures, 'utility.json')));
       request(registryApp)
-      .put('/utility/sync')
+      .put('/pedding/sync')
       .set('authorization', baseauth)
       .end(function (err, res) {
         should.not.exist(err);
@@ -100,7 +100,7 @@ describe('controllers/sync.test.js', function () {
     it('should get sync log', function (done) {
       done = pedding(2, done);
       request(registryApp)
-      .get('/utility/sync/log/' + logIdRegistry)
+      .get('/pedding/sync/log/' + logIdRegistry)
       .end(function (err, res) {
         should.not.exist(err);
         res.body.should.have.keys('ok', 'log');
@@ -108,7 +108,7 @@ describe('controllers/sync.test.js', function () {
       });
 
       request(webApp)
-      .get('/sync/utility/log/' + logIdWeb)
+      .get('/sync/pedding/log/' + logIdWeb)
       .end(function (err, res) {
         should.not.exist(err);
         res.body.should.have.keys('ok', 'log');

test/controllers/web/package.test.js

@@ -25,6 +25,7 @@ var registry = require('../../../servers/registry');
 var pkg = require('../../../controllers/web/package');
 var SyncModuleWorker = require('../../../proxy/sync_module_worker');
 var utils = require('../../utils');
+var config = require('../../../config');
 
 var fixtures = path.join(path.dirname(path.dirname(__dirname)), 'fixtures');
 
@@ -217,7 +218,7 @@ describe('controllers/web/package.test.js', function () {
   describe('unpublished package', function () {
     before(function (done) {
       var worker = new SyncModuleWorker({
-        name: ['browserjs'],
+        name: ['tnpm'],
         username: 'fengmk2'
       });
 
@@ -225,16 +226,33 @@ describe('controllers/web/package.test.js', function () {
       worker.on('end', function () {
         var names = worker.successes.concat(worker.fails);
         names.sort();
-        names.should.eql(['browserjs']);
+        names.should.eql(['tnpm']);
         done();
       });
     });
 
     it('should display unpublished info', function (done) {
       request(app)
-      .get('/package/browserjs')
+      .get('/package/tnpm')
       .expect(200)
       .expect(/This package has been unpublished\./, done);
     });
   });
+
+  describe('GET /privates', function () {
+    it('should response no private packages', function (done) {
+      mm(config, 'scopes', []);
+      request(app)
+      .get('/privates')
+      .expect(/Can not found private package/)
+      .expect(200, done);
+    });
+
+    it('should response no private packages', function (done) {
+      request(app)
+      .get('/privates')
+      .expect(/Private packages in this registry/)
+      .expect(200, done);
+    });
+  });
 });

test/fixtures/scope-package/lib/scope-package.js

@@ -14,4 +14,4 @@
  * Module dependencies.
  */
 
-var varname = require('modulename');
+var koa = require('koa');

test/middleware/auth.test.js

@@ -20,6 +20,8 @@ var request = require('supertest');
 var app = require('../../servers/registry');
 var mm = require('mm');
 var mysql = require('../../common/mysql');
+var config = require('../../config');
+var UserService = require('../../services/user');
 
 describe('middleware/auth.test.js', function () {
   before(function (done) {
@@ -60,5 +62,29 @@ describe('middleware/auth.test.js', function () {
       .set('authorization', 'basic ' + new Buffer('cnpmjstest10:cnpmjstest10').toString('base64'))
       .expect(500, done);
     });
+
+    describe('config.customUserService = true', function () {
+      beforeEach(function () {
+        mm(config, 'customUserService', true);
+      });
+
+      it('should 401 when user service auth throw error', function (done) {
+        mm(UserService, 'auth', function* () {
+          var err = new Error('mock user service auth error, please visit http://ooxx.net/user to sigup first');
+          err.name = 'UserSeriveAuthError';
+          err.status = 401;
+          throw err;
+        });
+
+        request(app)
+        .put('/-/user/org.couchdb.user:cnpmjstest10/-rev/1')
+        .set('authorization', 'basic ' + new Buffer('cnpmjstest10:cnpmjstest10').toString('base64'))
+        .expect({
+          error: 'UserSeriveAuthError',
+          reason: 'mock user service auth error, please visit http://ooxx.net/user to sigup first'
+        })
+        .expect(401, done);
+      });
+    });
   });
 });

test/proxy/module.test.js

@@ -18,13 +18,30 @@ var should = require('should');
 var mm = require('mm');
 var fs = require('fs');
 var path = require('path');
+var request = require('supertest');
 var mysql = require('../../common/mysql');
 var Module = require('../../proxy/module');
+var config = require('../../config');
+var utils = require('../utils');
+var app = require('../../servers/registry');
 
 var fixtures = path.join(path.dirname(__dirname), 'fixtures');
 
 var id;
+var pkgname = 'module-proxy-test-pkg';
+var pkgversion = '1.0.0';
+
 describe('proxy/module.test.js', function () {
+
+  before(function (done) {
+    var pkg = utils.getPackage(pkgname, pkgversion, utils.admin);
+    request(app.listen())
+    .put('/' + pkgname)
+    .set('authorization', utils.adminAuth)
+    .send(pkg)
+    .expect(201, done);
+  });
+
   afterEach(mm.restore);
 
   describe('addTag()', function () {
@@ -144,27 +161,21 @@ describe('proxy/module.test.js', function () {
   });
 
   describe('listByAuthor()', function () {
-    it('should return author recent modules', function (done) {
-      Module.listByAuthor('fengmk2', function (err, rows) {
-        should.not.exist(err);
-        rows.forEach(function (r) {
-          r.should.have.keys('name', 'description');
-        });
-        done();
+    it('should return author recent modules', function* () {
+      var rows = yield Module.listByAuthor('fengmk2');
+      rows.forEach(function (r) {
+        r.should.have.keys('name', 'description');
       });
     });
   });
 
   describe('updateReadme()', function () {
-    it('should update ok', function (done) {
-      Module.updateReadme(id, 'test', function (err, data) {
-        should.not.exist(err);
-        Module.getById(id, function (err, data) {
-          should.not.exist(err);
-          data.package.readme.should.equal('test');
-          done();
-        });
-      });
+    it('should update ok', function* () {
+      var row = yield Module.get(pkgname, pkgversion);
+      should.exist(row);
+      yield* Module.updateReadme(row.id, 'test');
+      var data = yield Module.getById(row.id);
+      data.package.readme.should.equal('test');
     });
   });
 
@@ -173,4 +184,26 @@ describe('proxy/module.test.js', function () {
       yield* Module.removeTagsByNames('foo', ['latest', '1.0']);
     });
   });
+
+  describe('listPrivates()', function () {
+    it('should response [] if scopes not present', function* () {
+      mm(config, 'scopes', []);
+      var modules = yield Module.listPrivates();
+      modules.should.eql([]);
+    });
+
+    it('should response [] if private modules not present', function* () {
+      mm(config, 'privatePackages', []);
+      mm(config, 'scopes', ['@not-exist']);
+      var modules = yield Module.listPrivates();
+      modules.should.eql([]);
+    });
+
+    it('should work', function* () {
+      var modules = yield Module.listPrivates();
+      modules.forEach(function (m) {
+        m.should.have.keys(['name', 'description']);
+      })
+    });
+  });
 });

view/web/layout.html

@@ -34,6 +34,7 @@
       .nav-tabs{margin:20px 0;}
       .nav-cont{display:none;}
       .nav-cont.active{display:block;}
+      .deprecated{color:red;}
     </style>
     <script>
       $(function () {

view/web/package.html

@@ -11,7 +11,7 @@
     </h1>
 
     <% if (package.deprecated) { %>
-      <p class="deprecated"><%= package.deprecated %></p>
+      <p class="deprecated">[DEPRECATED] <%= package.deprecated %></p>
     <% } %>
 
     <% if (package.description) { %>

view/web/private.html

@@ -0,0 +1,33 @@
+<style>
+#private .package {
+  padding: 10px;
+  font-size: 18px;
+  border-bottom: 1px solid #ddd;
+}
+
+#private .alert a {
+  font-size: 20px;
+}
+
+</style>
+<div id="private">
+  <% if (!packages.length) { %>
+    <div class="alert alert-warning">
+      Can not found private package
+    </div>
+  <% } else {%>
+    <h1>
+      Private packages in this registry
+    </h1>
+    <hr />
+
+    <% for (var i = 0; i < packages.length; i++) {
+      var item = packages[i];
+    %>
+      <div class="package">
+        <a href="/package/<%= item.name %>" class="package-name"><%= item.name %></a>
+        <span class="package-description"><%= item.description %></span>
+      </div>
+    <% } %>
+  <% } %>
+</div>